VYPR

Horizon Daas

by VMware

CVEs (3)

  • CVE-2018-6960HigApr 20, 2018
    risk 0.57cvss 8.8epss 0.03

    VMware Horizon DaaS (7.x before 8.0.0) contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS.

  • CVE-2020-3977MedSep 22, 2020
    risk 0.42cvss 6.5epss 0.01

    VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. Successful exploitation of this issue may allow an attacker to bypass two-factor authentication process. In…

  • CVE-2017-4897MedMay 31, 2017
    risk 0.36cvss 5.5epss 0.01

    VMware Horizon DaaS before 7.0.0 contains a vulnerability that exists due to insufficient validation of data. An attacker may exploit this issue by tricking DaaS client users into connecting to a malicious server and sharing all their drives and devices. Successful exploitation…